Fix #15: Make safety controller use CRC checked settings arrays for weights and persistencies. Weights not yet checked.
		@@ -55,7 +55,7 @@ enum analog_value_monitor {
 | 
			
		||||
	ERR_AMON_UC_TEMP = (1<<1),
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
#define ERR_FLAG_ENTRY(errflag, persistency) {.name=#errflag, .flag = (errflag), .error_state = false, .error_state_inv = true, .persistent = (persistency), .key = 0UL}
 | 
			
		||||
#define ERR_FLAG_ENTRY(errflag) {.name=#errflag, .flag = (errflag), .error_state = false, .error_state_inv = true, .key = 0UL, .weight = NULL, .persistency = NULL}
 | 
			
		||||
#define TIM_MON_ENTRY(mon, min, max, flag) {.name=#mon, .monitor = (mon), .associated_flag=(flag), .min_delta = (min), .max_delta = (max), .last = 0ULL, .enabled= false}
 | 
			
		||||
#define ANA_MON_ENTRY(mon, min_value, max_value, flag) {.name=#mon, .monitor = (mon), .associated_flag=(flag), .min = (min_value), .max = (max_value), .value = 0.0f, .valid = false}
 | 
			
		||||
#define ERR_FLAG_WEIGHT_ENTRY(_flag, _weight) {.flag = (_flag), .flag_ptr = NULL, .weight = (_weight), .start_dummy = 0x11823344, .end_dummy = 0xAABBCCFD}
 | 
			
		||||
@@ -106,20 +106,20 @@ enum analog_value_monitor {
 | 
			
		||||
#define SAFETY_CONFIG_DEFAULT_PERSIST	ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_MEAS_ADC_OFF, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_MEAS_ADC_WATCHDOG, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_MEAS_ADC_UNSTABLE, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_MEAS_ADC_OVERFLOW, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_MEAS_ADC_OVERFLOW, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_TIMING_MEAS_ADC, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_TIMING_PID, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_AMON_UC_TEMP, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_AMON_UC_TEMP, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_AMON_VREF, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_STACK, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_ADC, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SYSTICK, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_WTCHDG_FIRED, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_STACK, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_ADC, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SYSTICK, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_WTCHDG_FIRED, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_UNCAL, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_DEBUG, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_TIMING_MAIN_LOOP, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_MEM_CORRUPT, false), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_TAB_CORRUPT, false),
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_DEBUG, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_TIMING_MAIN_LOOP, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_MEM_CORRUPT, true), \
 | 
			
		||||
					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_TAB_CORRUPT, true),
 | 
			
		||||
 | 
			
		||||
#define SAFETY_CONFIG_DEFAULT_WEIGHTS 	ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_MEAS_ADC_OFF, SAFETY_FLAG_CONFIG_WEIGHT_NONE), \
 | 
			
		||||
			ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_MEAS_ADC_WATCHDOG, SAFETY_FLAG_CONFIG_WEIGHT_NONE), \
 | 
			
		||||
 
 | 
			
		||||
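Review bot: `SAFETY_CONFIG_DEFAULT_PERSIST` carries no comment saying that it is now the only place a flag's persistence is declared, while the new `ERR_FLAG_ENTRY` initialises `.persistency = NULL` for every flag. Judging by `check_flag_persistent` in the controller source, a flag left out of this list would be treated as non-persistent without any diagnostic. I would add a comment above the macro, `/* Every safety flag needs exactly one entry here; a flag with no entry is treated as non-persistent. */`. The `SAFETY_CONFIG_DEFAULT_WEIGHTS` list continues past the end of the hunk, so whether it has the same gap cannot be seen here.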
@@ -39,12 +39,32 @@
 | 
			
		||||
#include <reflow-controller/safety/safety-memory.h>
 | 
			
		||||
#include <helper-macros/helper-macros.h>
 | 
			
		||||
 | 
			
		||||
#define check_flag_persistent(flag) ((flag)->persistency && (flag)->persistency->persistency)
 | 
			
		||||
#define get_flag_weight(flag) ((flag)->weight ? (flag->weight->weight) : SAFETY_FLAG_CONFIG_WEIGHT_NONE)
 | 
			
		||||
 | 
			
		||||
struct safety_weight {
 | 
			
		||||
	uint32_t start_dummy;
 | 
			
		||||
	enum config_weight weight;
 | 
			
		||||
	enum safety_flag flag;
 | 
			
		||||
	volatile struct error_flag *flag_ptr;
 | 
			
		||||
	uint32_t end_dummy;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
struct safety_persistency {
 | 
			
		||||
	uint32_t start_dummy;
 | 
			
		||||
	bool persistency;
 | 
			
		||||
	enum safety_flag flag;
 | 
			
		||||
	volatile struct error_flag *flag_ptr;
 | 
			
		||||
	uint32_t end_dummy;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
struct error_flag {
 | 
			
		||||
	const char *name;
 | 
			
		||||
	enum safety_flag flag;
 | 
			
		||||
	bool error_state;
 | 
			
		||||
	bool error_state_inv;
 | 
			
		||||
	bool persistent;
 | 
			
		||||
	volatile struct safety_persistency *persistency;
 | 
			
		||||
	volatile struct safety_weight *weight;
 | 
			
		||||
	uint32_t key;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
@@ -70,40 +90,24 @@ struct analog_mon {
 | 
			
		||||
	uint64_t timestamp;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
struct safety_weight {
 | 
			
		||||
	uint32_t start_dummy;
 | 
			
		||||
	enum config_weight weight;
 | 
			
		||||
	enum safety_flag flag;
 | 
			
		||||
	volatile struct error_flag *flag_ptr;
 | 
			
		||||
	uint32_t end_dummy;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
struct safety_persistency {
 | 
			
		||||
	uint32_t start_dummy;
 | 
			
		||||
	bool persistency;
 | 
			
		||||
	enum safety_flag flag;
 | 
			
		||||
	volatile struct error_flag *flag_ptr;
 | 
			
		||||
	uint32_t end_dummy;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
static volatile struct error_flag IN_SECTION(.ccm.data) flags[] = {
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_OFF, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_WATCHDOG, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_UNSTABLE, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_OVERFLOW, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_TIMING_MEAS_ADC, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_TIMING_PID, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_AMON_UC_TEMP, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_AMON_VREF, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_STACK, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SAFETY_ADC, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SYSTICK, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_WTCHDG_FIRED, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_UNCAL, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_DEBUG, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_TIMING_MAIN_LOOP, false),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SAFETY_MEM_CORRUPT, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SAFETY_TAB_CORRUPT, true),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_OFF),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_WATCHDOG),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_UNSTABLE),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_MEAS_ADC_OVERFLOW),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_TIMING_MEAS_ADC),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_TIMING_PID),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_AMON_UC_TEMP),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_AMON_VREF),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_STACK),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SAFETY_ADC),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SYSTICK),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_WTCHDG_FIRED),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_UNCAL),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_DEBUG),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_TIMING_MAIN_LOOP),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SAFETY_MEM_CORRUPT),
 | 
			
		||||
	ERR_FLAG_ENTRY(ERR_FLAG_SAFETY_TAB_CORRUPT),
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
static volatile struct timing_mon IN_SECTION(.ccm.data) timings[] = {
 | 
			
		||||
@@ -122,8 +126,10 @@ static volatile struct analog_mon IN_SECTION(.ccm.data) analog_mons[] = {
 | 
			
		||||
 | 
			
		||||
static const struct safety_weight default_flag_weights[] = { SAFETY_CONFIG_DEFAULT_WEIGHTS };
 | 
			
		||||
static const struct safety_persistency default_flag_persistencies[] = {SAFETY_CONFIG_DEFAULT_PERSIST};
 | 
			
		||||
 | 
			
		||||
static volatile struct safety_persistency IN_SECTION(.ccm.bss) flag_persistencies[COUNT_OF(default_flag_persistencies)];
 | 
			
		||||
static uint32_t IN_SECTION(.ccm.bss) flag_persistencies_crc;
 | 
			
		||||
 | 
			
		||||
static volatile struct safety_weight IN_SECTION(.ccm.bss) flag_weights[COUNT_OF(default_flag_weights)];
 | 
			
		||||
static uint32_t IN_SECTION(.ccm.bss) flag_weight_crc;
 | 
			
		||||
 | 
			
		||||
@@ -178,6 +184,8 @@ static void init_safety_flag_weight_table_from_default(void)
 | 
			
		||||
	for (index = 0; index < COUNT_OF(flag_weights); index++) {
 | 
			
		||||
		current_weight = &flag_weights[index];
 | 
			
		||||
		current_weight->flag_ptr = find_error_flag(current_weight->flag);
 | 
			
		||||
		if (current_weight->flag_ptr)
 | 
			
		||||
			current_weight->flag_ptr->weight = current_weight;
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	crc_unit_reset();
 | 
			
		||||
@@ -197,6 +205,8 @@ static void init_safety_flag_persistencies_from_default(void)
 | 
			
		||||
	for (index = 0; index < COUNT_OF(flag_persistencies); index++) {
 | 
			
		||||
		current_persistency = &flag_persistencies[index];
 | 
			
		||||
		current_persistency->flag_ptr = find_error_flag(current_persistency->flag);
 | 
			
		||||
		if (current_persistency->flag_ptr)
 | 
			
		||||
			current_persistency->flag_ptr->persistency = current_persistency;
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	crc_unit_reset();
 | 
			
		||||
@@ -323,14 +333,13 @@ int safety_controller_report_error_with_key(enum safety_flag flag, uint32_t key)
 | 
			
		||||
			flags[i].error_state_inv = !flags[i].error_state;
 | 
			
		||||
			flags[i].key = key;
 | 
			
		||||
 | 
			
		||||
			if (flags[i].persistent && !old_state) {
 | 
			
		||||
			if (check_flag_persistent(&flags[i]) && !old_state) {
 | 
			
		||||
				err_mem_entry.counter = 1;
 | 
			
		||||
				err_mem_entry.flag_num = flag_enum_to_flag_no(flags[i].flag);
 | 
			
		||||
				err_mem_entry.type = SAFETY_MEMORY_ERR_ENTRY_FLAG;
 | 
			
		||||
				res = safety_memory_insert_error_entry(&err_mem_entry);
 | 
			
		||||
				if (res) {
 | 
			
		||||
				if (res)
 | 
			
		||||
					ret = -12;
 | 
			
		||||
				}
 | 
			
		||||
			} else {
 | 
			
		||||
				ret = 0;
 | 
			
		||||
			}
 | 
			
		||||
@@ -600,7 +609,7 @@ int safety_controller_get_flag(enum safety_flag flag, bool *status, bool try_ack
 | 
			
		||||
	found_flag = find_error_flag(flag);
 | 
			
		||||
	if (found_flag) {
 | 
			
		||||
		*status = error_flag_get_status(found_flag);
 | 
			
		||||
		if (try_ack && !found_flag->persistent) {
 | 
			
		||||
		if (try_ack && !check_flag_persistent(found_flag)) {
 | 
			
		||||
			/* Flag is generally non persistent
 | 
			
		||||
			 * If key is set, this function cannot remove the flag
 | 
			
		||||
			 */
 | 
			
		||||
@@ -630,7 +639,7 @@ int safety_controller_ack_flag_with_key(enum safety_flag flag, uint32_t key)
 | 
			
		||||
 | 
			
		||||
	found_flag = find_error_flag(flag);
 | 
			
		||||
	if (found_flag) {
 | 
			
		||||
		if (!found_flag->persistent && (found_flag->key == key || !key)) {
 | 
			
		||||
		if (!check_flag_persistent(found_flag) && (found_flag->key == key || !found_flag->key)) {
 | 
			
		||||
			found_flag->error_state = false;
 | 
			
		||||
			found_flag->error_state_inv = true;
 | 
			
		||||
			ret = 0;
 | 
			
		||||
 
 | 
			
		||||
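Review bot: `check_flag_persistent` evaluates to false when `(flag)->persistency` is NULL, so at the visible call sites a flag is acknowledgeable until `init_safety_flag_persistencies_from_default` has linked it, and a flag that `find_error_flag` never matched, or whose pointer is later cleared, silently loses persistence. For a safety controller the NULL case should fail towards persistent, e.g. `#define check_flag_persistent(flag) (!(flag)->persistency || (flag)->persistency->persistency)`. The `persistency` and `weight` pointers are stored in `flags[]` itself and nothing in the visible hunks ties them to the CRC-checked arrays, so comparing `(flag)->persistency->flag_ptr` with `(flag)` before trusting the entry would be a cheap cross-check; the CRC computation is outside the hunks shown, so this is inferred. Separately, `get_flag_weight` leaves its argument unparenthesised in `(flag->weight->weight)`, which misparses for an argument such as `&flags[i]`; write `(flag)->weight->weight`.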